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Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that 
form the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

Claims 1-50 are rejected under 35 U.S.C. 102(e) as being anticipated by 
Beckman et al. (US 6,385,724) 



As per claims 1,19, and 37, Beckman et al. discloses a method for linking 
between nodes in a distributed computing system, the method comprising: 

implementing a domain comprising a first network node and a second network 
node; (Col 6 lines 47-59, Figure 5A , Figure 5B) 

implementing a data object that indicates whether the domain permits links 
between nodes without verification of user credential; RPC J2_AUTHN_LEVEL_NONE 
as mentioned per table 1 is a condition that does not require authentication of user 
credentials. (Col 11 lines 23-67, Col 12 lines 1-19) 

sending a link request from the first network node to the second network node; 
(Col 8 lines 48-51 , Figure 5A items 302, 312) 
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establishing a link between the first network node and the second network node 
without requiring the user credentials if the data object indicates verification of the user 
credentials is not required; (Col 11 line 62, Col 12 lines 42-45) 

As per claims 2, 20, and 38, Beckman et al. discloses the method of claim 1 in 
which a connected user makes the link request, and the link is established as a 
connected user; (Col 1 1 lines 62-67, Col 12 lines 20-24). 

As per claims 3, 21 , and 39, Beckman et al. discloses the method of claim 1 in 
which a connected user makes the link request as a current user, and the link is 
established as a current user; An object can access the functionality of another object in 
a different context, and this provides a reference to a security policy; The teachings 
allow the user to make a link request as a current user as to act upon behalf and 
impersonate another user. (Col 9 lines 41-55, Col 12 lines 26-55, Figure 4) 

As per claims 4, 22 and 40, Beckman et al. discloses the method of claim 3 in 
which the link request is embedded in a stored object; A pointer serves as a link request 
embedded in the object. (Col 8 lines 48-51) 

As per claims 5, 23, and 41, Beckman et al. discloses the method of claim 4 in 
which the stored object is selected from the list consisting of: a procedure, a function, a 
view, a trigger. (Col 8 lines 2-6, Figure 2 items 104, 116, 117, 118) 
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As per claims 6, 24, and 42, Beckman et al. discloses the method of claim 1 in 
which the second network node comprises a list of untrusted nodes, wherein the link 
between the first network node and the second network node is not established if the list 
of untrusted nodes indicates that the first network node is untrusted. (Col 14 lines 43- 
59, Figure 11 items 574, 578) 

As per claims 7, 25, and 43, Beckman et al. discloses the method of claim 1 in 
which the data object that indicates whether the domain permits links between nodes 
without verification of user credentials is a flag in a domain object corresponding to the 
domain; The binary standards serves the function for a flag as in the values of "1" or "0" 
(Col 7 lines 48-51) 

As per claims 8 and 26, Beckman et al. discloses the method of claim 1 further 
comprising a second domain; Second domain is inherent to the enterprise-wide 
computer networks (Col 6 lines 56-59) having a third network node, (Figure 5A item 
322) in which a second link request is sent from the first network node to the third 
network node, wherein an act of establishing a network link between the first network 
node and the third network is made only upon verification of user credentials; (Col 10 
lines 3-8, Figure 5A items 302, 312, 322) 
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As per claims 9 and 27, Beckman et al. discloses the method of claim 1 further 
comprising a second domain ; Second domain is inherent to the enterprise-wide 
computer networks (Col 6 lines 56-59) having a third network node, in which a second 
link request is sent from the first network node to the third network node, wherein an act 
of establishing a network link between the first network node and the third network is 
made without verification of user credentials; (Col 1 1 lines 48-50, Col 1 1 line 61 , Figure 
5A items 302, 312, 322). 

As per claims 10, 28, and 44, Beckman et al. discloses the method of claim 1 in 
which mutual authentication occurs between the first network node and the second 
network node. (Col 10 lines 3-8, Figure 5A items 302, 312) 

As per claims 1 1 , 29, and 45, Beckman et al. disclose the method of claim 1 in 
which the first network node passes information to the second network node regarding a 
prior chain of links related to the link request. (Col 9 lines 65-67, Col 10 lines 1- 8) 

As per claims 12, 30, and 46, Beckman et al. discloses the method of claim 1 1 in 
which the information regarding the prior chain of links comprises identification of all 
previous users in the prior chain of links. (Figure 5B item 342, 344, 346). 

As per claims 13, 31, and 47, Beckman et al. discloses the method of claim 1 1 in 
which the information regarding the prior chain of links comprises identification of 
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previous nodes in prior related links; The identity information provides the identification 
of the previous nodes in prior related links. (Figure 5B item 342, 344, 346) 

As per claims 14, 32, and 48, Beckman et al. discloses the method of claim 1 1 in 
which a last entry in the information is checked for an untrusted user/node combination. 
(Col 14 lines 43-59) 

As per claims 15, 33, and 49, Beckman et al. discloses the method of claim 14 in 
which trusted user/node combinations are maintained at a central authority. (Col 14 
lines 60-65, Figure 12A, 12B, 12C) 

As per claims 16, 34 and 50, Beckman et al. discloses the method of claim 15 in 
which the central authority is the directory; The catalog serves as the directory. (Col 14 
lines 60-65, Col 15 lines 7-18, Figure 12A, 12B, 12C) 

As per claims 17 and 35, Beckman et al. discloses the method of claim 14 in 
which untrusted combinations are stored in a database. (Col 14 lines 60-65, Figure 12A, 
12B, 12C) 

As per claims 18 and 36, Beckman et al. discloses the method of claim 1 further 
comprising: establishing the link between the first network node and the second network 
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node only upon verification of the user credentials if the data object indicates that user 
credentials are required; (Col 10 lines 3-7, Col 10 lines 14-17) 



Conclusion 

The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. Sampson et al. (US 6,339,423) discloses a single access control 
system to manage access by users to resources that belong to multiple domains. 
Carter (US 6,119,230) discloses methods and systems for managing security 
credentials in a distributed computer system. Qui et al. (US 2002/0007346) discloses a 
system is provided for authenticating messages between at least two parties that do not 
share a common trust provider. Craft et al. (US 2003/0195888) discloses a method and 
apparatus for creating links between otherwise unlinked databases. Otway (US 
6,192,130) discloses an information security subscriber trust authority transfer system 
with private key history transfer. Goodisman (US 2002/0069223) discloses a method 
and system to create dynamic associations or links between objects. Ambrosini (US 
2002/0078004) discloses a method and system for providing access control using 
Lightweight Directory Access Protocol. Van Dyke et al. (US 5,708,812) discloses a 
method and apparatus for facilitating the migration of accounts from a source domain to 
a target domain. Swift et al. (US 5,768,519) discloses merging a source domain into a 
target domain in a network. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Chirag R. Patel whose telephone number is (571)272- 
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7966. The examiner can normally be reached on Monday to Friday from 7:30AM to 
4:00PM. If attempts to reach the examiner by telephone are unsuccessful, the 
examiner's supervisor, Rupal Dharia, can be reached on (571) 272-3880. The fax 
phone number for the organization where this application or proceeding is assigned is 
703-872-9306. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 




